電話加密,竊聽無門
????最近華爾街最流行的是什么?不是金融衍生工具,不是抵押證券,甚至也不是工作保障,而是加密的電話線路。 ????美國司法部(the Justice Department)最近破獲的幾起金融犯罪里,電話竊聽都起了至關重要的作用。正是靠著從電話竊聽中搜集到的證據,聯邦檢察官普利特?巴拉拉才在一樁罕見的內幕交易案中,告倒了對沖基金經理拉杰?拉賈拉特南。而在加密電話線路上,雙方的談話會被加密,防止電話遭人竊聽——無論是聯邦探員還是別的什么人都沒轍。 ????就像普通的有線電話一樣,加密電話從來不是什么高科技。上世紀80年代和90年代,國務院(the State Department)的特工把加密電話放在手提箱里,必要的時候把它插在墻上就能打電話。不過電話加密軟件生產商Meganet公司的首席執行官索爾?貝加爾表示,現在我們既不需要特殊的手機,也不需要像007那樣為掩人耳目,把電話做成皮鞋的樣子。Meganet公司為幾乎各種類型的手機生產加密軟件。一般說來,通話雙方的手機必須都能對通話進行加密和解碼。不過現在有些軟件允許對通話進行單方加密,等到通話內容達到另一方的網絡時再解碼。 ????貝加爾表示,不到兩年時間,他的公司從金融部門客戶那里獲得的營收入就從0增長到了2,000萬美元。與此同時,光是其中一位金融客戶就利用Meganet的軟件激活了19,000臺加密手機。貝加爾表示,在金融業和石油天然氣領域的帶動下,他的公司的商業業務取得了快速增長,因此Meganet正在準備掛牌上市。不過貝加爾以及本文采訪的其他安全性專家都不愿透露客戶的名字。 ????互聯網與音頻安全軟件制造商Fortinet發現,企業客戶也對加密電話有著類似的需求。這家公司位于加利弗尼亞洲的薩尼維爾市,該公司現在正著手研發它的第一款產品,該公司負責產品研發的副總裁帕特里克?貝德維爾表示,這款產品可以與加密軟件進行“互動”。Fortinet的軟件的設計初衷是要在網絡“門戶”上保護手機和數據,而不是保護個人通話。不過由于客戶經常遭遇聲音加密,因此Forttinet希望使IT安全人員可以在所有這些網絡門戶上攔截通話,然后對它們進行破解。 ????金融部門對這些功能的需求尤其強勁。貝德威爾表示:“在金融服務領域,他們正在提高聲音內容的保護等級。金融服務業對我們來說極為重要,在先進安全性技術的采用上,金融業往往是第一批吃螃蟹的人。部分原因是由于他們更容易成為高級安全性攻擊的靶子。正所謂槍打出頭鳥。” ????在電話安全行業,像Fortinet和Meganet這種公司只是小角色。這個行業還包括私人控股的Tripleton以及通用動力(General Dynamics)等大公司。 ????情報咨詢機構Stratfor的反恐專家弗萊德?波頓指出,從很多方面來看,電話安全只是網絡安全的延伸。大多數公司都使用VoIP網絡電話,也就是說他們的電話線路和網絡聯接走的是一條線。盡管許多企業只關心互聯網的數據安全,但他們可能沒有意識到,許多電話黑客,或是小報記者【比如《世界新聞報》(News of the World)】,可能正在忙著竊聽你們的電話。 ????此外,很多公司還面臨著商業間諜活動的威脅。波頓表示:“比如你是一位CEO,現在正在某個國家旅行,那里的行業間諜活動猖獗,比如中國、俄羅斯、印度或以色列。那么你就需要具備安全地與總部進行通話的能力。”企業對電話進行加密的原因不一而足。 ????對于大多數金融機構來說,他們還需要提防來自執法機構的竊聽。波頓表示,隨著電話加密和衛星電話技術的發展,辦案人員越來越難以通過電話監督和電話記錄來辦案了。 ????今年初夏,帆船集團(Galleon Group)前交易員茲伊?高佛爾因涉嫌內幕交易而受審,華爾街開始愈發重視電話安全問題。高佛爾最終被判有罪。其中有一個證據是特別致命的,法庭聽取了一盤來自聯邦調查局(FBI)的錄音帶,其中高佛爾的一個同謀賈森?高德法伯驚慌地要求高佛爾替他買新的預付費手機。因為他的預付費手機是匿名的,但有人在給他的這部手機打電話的時候叫出了他的名字。唉,高德法伯雖然安全意識不錯,可惜還是晚了一步——高佛爾的電話線已經被執法機關錄音了。 ????一位安全性公司的代表告訴《財富》雜志,不光只有對沖基金在保護他們的電話線路。至少有兩家主要的信用卡公司,以及四家美國排名前十的銀行都購買了手機加密軟件。 ????Meganet的貝加爾指出:“我們曾經見過有些大型的(金融)機構,要求所有高層管理人員都要求必須使用經過加密的手機。凡是參與公司‘財務方面’的人員,包括交易人員,也都要求使用加密手機。” ????一位基金經理告訴《財富》,他的一位同行供職于在今年夏天的內幕交易偵訊中受到傳喚的某家公司。這位同行很久以前告訴他,他們公司的電話很“安全”。值得注意的是,這家公司現在尚未受到指控。 ????譯者:樸成奎 |
????What's all the rage on Wall Street these days? Not derivatives, mortgage-backed securities or even job security. It's encrypted phone lines. ????Wire taps are at the center of the Justice Department's latest crackdown on financial crimes -- it was evidence collected from them that helped U.S. attorney Preet Bharara win a rare insider trader victory over hedge fund manager Raj Rajaratnam. On encrypted phone lines, the speech of both parties is scrambled to prevent eavesdropping -- by the Feds or anyone else. ????Like our own landlines, encrypted phones used to be a low-tech affair -- special agents for the State Department in the 1980s and 1990s would carry their phones in a briefcase and plug them into a wall to make a call. These days, neither special handsets nor repurposed Max Smart-style shoes are required, says Saul Backal, chief executive of Meganet, which makes encryption software for almost any kind of cell phone. Typically the phones on both ends of the conversation must be enabled to encrypt and decipher the speech, although some software enables phone calls to be encoded one way and then decoded when they reach the recipient's network. ????Backal says his company's revenue from customers in the financial sector grew from almost nothing to $20 million in the last two years. During that time frame, one financial client alone activated 19,000 encrypted cell phones with Meganet software. Backal says the growth in the company's commercial business, led by the financial industry and the oil-and-gas sector, is helping Meganet prepare for an IPO. Neither Backal nor the other security professionals interviewed for this story would name their clients. ????Internet-and-voice security software maker Fortinet (FTNT) is seeing similar demand for encrypted phones from corporate clients. The Sunnyvale, Calif.-based company is developing its first product that would "interact" with encryption software, says vice president of product development Patrick Bedwell. Fortinet's software is designed to protect phones -- and data -- at network "gateways" rather than on individual lines. But clients are encountering voice encryption so much, Fortinet wants to allow IT security personnel to intercept calls at these gateways and decrypt them. ????Demand for such capabilities is particularly strong in the financial sector. "In financial services, they are trying to improve the level of protection for voice content," says Bedwell. "The financial sector is extremely important to us -- they are often the early adopters of more advanced security techniques. Partly because they're the target of often more advanced security attacks, they're the sharp end of the stick." ????Fortinet and Meganet are smaller players in the phone-security industry that includes closely held Tripleton and General Dynamics (GD). ????In many ways, says Fred Burton, a counterterrorism authority at the intelligence consulting firm Stratfor, phone security is just an extension of Internet security. Most corporations use voice-over Internet protocol, meaning their phone lines go through the same "pipe" as their Internet connection. While the corporation worries about its Internet data security, computer hackers – or tabloid newspaper reporters, as in the case of News of the World – could be busy eavesdropping on phone calls. ????And then there's the threat of corporate espionage. "Let's say you have a CEO that's traveling to places where there are high rates of industrial-espionage type activities, such as China, Russia, India or Israel, and they want ability to communicate back with HQ," says Burton. All the more reason to encrypt. ????For most financial institutions, of course, another major worry is the prying ears of law enforcement. As phone-encryption and satellite-telephone technology develops, says Burton, investigators are finding it tougher to make cases using phone surveillance and phone records. ????Telephone-security consciousness among some parties on Wall Street became clear during the trial of ex-Galleon Group trader Zvi Goffer for insider trading earlier this summer, which resulted in a conviction. In one particularly damning piece of evidence, the court heard a tape from the FBI that featured one of Goffer's accomplices, Jason Goldfarb, calling him with a panicky request for new prepaid cellphones. Goldfarb feared that a third party had compromised the supposed anonymity of his prepaid phone by calling him on it. Alas, Goldfarb was a little late with his security consciousness -- Goffer's line had already been tapped by law enforcement. ????It's not just hedge funds that are protecting their lines. At least two major credit card companies and four of the top ten U.S. banks have bought phone-encryption software, a security firm representative told Fortune. ????"We have seen in large [financial] corporations [where] all upper management members were required to carry encrypted cell phones," says Meganet's Backal. With some clients, anyone involved in any "financial aspect" of the firm's business, including trading, uses encrypted cell phones, he says. ????One hedge-fund manager told Fortune that a colleague inside one of the largest firms subpoenaed during the sweeping insider-trading investigation had told him long ago that the phones at that firm were "secure." Notably, that firm has yet to be charged. |